package com.zn.controller;

import com.zn.pojo.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.ResponseBody;

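/**
 * Spring MVC controller for a Shiro-protected application: a generic view dispatcher,
 * the username/password login endpoint, and the "not authorized" endpoint.
 */
@Controller
public class HelloController {

    /**
     * Single response body for every failed login. Returning the same text whether the
     * account is unknown or the password is wrong keeps the endpoint from confirming
     * which usernames exist.
     */
    private static final String LOGIN_FAILED = "用户名或密码错误";

    /**
     * Returns the single path segment of the request as the logical view name.
     *
     * <p>The segment is chosen by the client, so the mapping only accepts letters, digits,
     * underscore and hyphen. Requests whose segment contains anything else (expression or
     * fragment syntax, dots, encoded separators) are not routed to this handler at all and
     * therefore never reach the view resolver.
     *
     * <p>NOTE(review): every template whose name fits the pattern is still reachable through
     * this endpoint; if some templates must stay private, replace the pattern with an
     * explicit list of public view names.
     *
     * @param url the path segment, already constrained by the mapping pattern
     * @return the view name to render, identical to {@code url}
     */
    @GetMapping("/{url:[A-Za-z0-9_-]+}")
    public String a(@PathVariable("url") String url) {
        return url;
    }

    /**
     * Authenticates the submitted credentials through Shiro and returns a text body.
     *
     * <p>Every {@link AuthenticationException} is handled here. Previously only unknown-account
     * and wrong-password failures were caught, each with its own message; any other failure
     * type left the handler uncaught.
     *
     * @param username the submitted account name
     * @param password the submitted password
     * @return {@code user.toString()} of the authenticated principal on success, otherwise
     *         the generic failure message
     */
    @PostMapping("/login")
    @ResponseBody
    public String b(String username, String password) {
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken uToken = new UsernamePasswordToken(username, password);
        try {
            // Delegate credential verification to the configured Shiro realm(s).
            subject.login(uToken);
        } catch (AuthenticationException e) {
            // Covers unknown account, wrong password and any other authentication failure
            // with one indistinguishable answer.
            return LOGIN_FAILED;
        }

        // Fetch the currently logged-in user.
        // Assumes the realm stores a com.zn.pojo.User as the primary principal — confirm.
        // Reference: https://www.jianshu.com/p/7f724bec3dc3
        User user = (User) subject.getPrincipal();
        // NOTE(review): User.toString() is not visible here. If it prints credential fields
        // (password, hash, salt) they are sent to the client; confirm, or return a dedicated
        // response object with only the fields the client needs.
        return user.toString();
    }

    /**
     * Endpoint for requests that lack the required authorization.
     *
     * @return the fixed "not authorized" message
     */
    @GetMapping("/meiquanxian")
    @ResponseBody
    public String c() {
        return "没有授权。";
    }

}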
